public function postCreate()
{
$emailVerification = new EmailVerification(array('user_uid' => Input::get('user_uid'), 'verification_key' => GUID::create(), 'email' => Input::get('email')));
$emailVerification->save();
$emailVerification->send(Input::get('verify_route'));
return $emailVerification;
}
public function markAcceptance($policyCode, $userUid)
{
// get inputs
//
$policy = Policy::where('policy_code', '=', $policyCode)->first();
$user = User::getIndex($userUid);
$acceptFlag = Input::has('accept_flag');
// check inputs
//
if (!$user || !$policy || !$acceptFlag) {
return Response::make('Invalid input.', 404);
}
// check privileges
//
if (!$user->isAdmin() && $user->user_uid != Session::get('user_uid')) {
return Response::make('Insufficient privileges to mark policy acceptance.', 401);
}
// get or create new user policy
//
$userPolicy = UserPolicy::where('user_uid', '=', $userUid)->where('policy_code', '=', $policyCode)->first();
if (!$userPolicy) {
$userPolicy = new UserPolicy(array('user_policy_uid' => GUID::create(), 'user_uid' => $userUid, 'policy_code' => $policyCode));
}
$userPolicy->accept_flag = $acceptFlag;
$userPolicy->save();
return $userPolicy;
}
public function postCreate()
{
if (Input::has('invitee_uid')) {
// create a single admin invitation
//
$adminInvitation = new AdminInvitation(array('invitation_key' => GUID::create(), 'inviter_uid' => Input::get('inviter_uid'), 'invitee_uid' => Input::get('invitee_uid')));
$adminInvitation->save();
$adminInvitation->send(Input::get('invitee_name'), Input::get('confirm_route'));
return $adminInvitation;
} else {
// create an array of admin invitations
//
$invitations = Input::all();
$adminInvitations = new Collection();
for ($i = 0; $i < sizeOf($invitations); $i++) {
$invitation = $invitations[$i];
$adminInvitation = new AdminInvitation(array('invitation_key' => GUID::create(), 'inviter_uid' => $invitation['inviter_uid'], 'invitee_uid' => $invitation['invitee_uid']));
$adminInvitations->push($adminInvitation);
$adminInvitation->save();
$adminInvitation->send();
$adminInvitation->send($invitation['invitee_name'], $invitation['confirm_route']);
}
return $adminInvitations;
}
}
/**
* status changing methods
*/
public function accept()
{
$this->accept_date = new DateTime();
// create new project membership
//
$invitee = User::getByEmail($this->email);
$projectMembership = new ProjectMembership(array('membership_uid' => GUID::create(), 'project_uid' => $this->project_uid, 'user_uid' => $invitee->user_uid, 'admin_flag' => false));
$projectMembership->save();
}
public function postCreate()
{
$project = new Project(array('project_uid' => GUID::create(), 'project_owner_uid' => Input::get('project_owner_uid'), 'full_name' => Input::get('full_name'), 'short_name' => Input::get('short_name'), 'description' => Input::get('description'), 'affiliation' => Input::get('affiliation'), 'trial_project_flag' => Input::get('trial_project_flag') ? true : false, 'denial_date' => Input::get('denial_date'), 'deactivation_date' => Input::get('deactivation_date')));
$project->save();
// automatically create new project membership for owner
//
$projectMembership = new ProjectMembership(array('project_uid' => $project->project_uid, 'user_uid' => $project->project_owner_uid, 'admin_flag' => true));
$projectMembership->save();
return $project;
}
public function postCreate()
{
$error = $this->getPlatform($platformUuid, $platformVersionUuid);
if ($error) {
return $error;
}
// create new assessment run
//
$assessmentRun = new AssessmentRun(array('assessment_run_uuid' => GUID::create(), 'project_uuid' => Input::get('project_uuid'), 'package_uuid' => Input::get('package_uuid'), 'package_version_uuid' => Input::get('package_version_uuid'), 'tool_uuid' => Input::get('tool_uuid'), 'tool_version_uuid' => Input::get('tool_version_uuid'), 'platform_uuid' => $platformUuid, 'platform_version_uuid' => $platformVersionUuid));
$assessmentRun->save();
return $assessmentRun;
}
public function postCreate()
{
$user = User::getByUsername(Input::get('username'));
$user = $user ? $user : User::getByEmail(Input::get('email'));
if (!$user) {
return Response::json(array('success' => true));
}
$passwordResetNonce = $nonce = GUID::create();
$passwordReset = new PasswordReset(array('password_reset_key' => Hash::make($passwordResetNonce), 'user_uid' => $user->user_uid));
$passwordReset->save();
$passwordReset->send($nonce);
return Response::json(array('success' => true));
}
public function postCreate()
{
if (self::$requireUniquePackageNames) {
// check for existing package name
//
$existingPackage = Package::where('name', '=', Input::get('name'))->first();
if ($existingPackage) {
return Response::make('A package named ' . Input::get('name') . ' already exists. Please rename your package to a unique name and try again.', 500);
}
}
if (!Session::get('user_uid')) {
}
$package = new Package(array('package_uuid' => GUID::create(), 'name' => Input::get('name'), 'description' => Input::get('description'), 'external_url' => Input::get('external_url'), 'package_type_id' => Input::get('package_type_id'), 'package_owner_uuid' => Session::get('user_uid'), 'package_sharing_status' => Input::get('package_sharing_status')));
$package->save();
return $package;
}
public function updateIndex($userUid)
{
$user = User::getIndex($userUid);
if (!$user) {
return Response('Could not find user.', 500);
}
// send verification email
//
if ($user->email != Input::get('email')) {
$emailVerification = new EmailVerification(array('user_uid' => $user->user_uid, 'verification_key' => GUID::create(), 'email' => Input::get('email')));
$emailVerification->save();
$emailVerification->send('#verify-email', true);
}
// set attributes
//
$user->first_name = Input::get('first_name');
$user->last_name = Input::get('last_name');
$user->preferred_name = Input::get('preferred_name');
$user->username = Input::get('username');
$user->address = Input::get('address');
$user->phone = Input::get('phone');
$user->affiliation = Input::get('affiliation');
// update user
//
$user->modify();
// get meta attributes
//
$attributes = array('email_verified_flag' => Input::get('email_verified_flag'), 'enabled_flag' => Input::get('enabled_flag'), 'owner_flag' => Input::get('owner_flag'), 'admin_flag' => Input::get('admin_flag'));
// update meta attributes
//
$currentUser = User::getIndex(Session::get('user_uid'));
if ($currentUser && $currentUser->isAdmin()) {
// update user account
//
$userAccount = $user->getUserAccount();
$userAccount->setAttributes($attributes, $user);
}
// return response
//
return $user;
}
public function updateMultiple()
{
$inputs = Input::all();
$collection = new Collection();
for ($i = 0; $i < sizeOf($inputs); $i++) {
// get input item
//
$input = $inputs[$i];
if (array_key_exists('run_request_schedule_uuid', $input)) {
// find existing model
//
$runRequestSchedule = RunRequestSchedule::where('run_request_schedule_uuid', '=', $input['run_request_schedule_uuid'])->first();
$collection->push($runRequestSchedule);
} else {
// create new model
//
$runRequestSchedule = new RunRequestSchedule(array('run_request_schedule_uuid' => GUID::create()));
}
// update model
//
$runRequestSchedule->run_request_uuid = $input['run_request_uuid'];
$runRequestSchedule->recurrence_type = $input['recurrence_type'];
// set optional attributes
//
if (array_key_exists('recurrence_day', $input)) {
$runRequestSchedule->recurrence_day = $input['recurrence_day'];
}
if (array_key_exists('time_of_day', $input)) {
$runRequestSchedule->time_of_day = $input['time_of_day'];
}
// save model
//
$runRequestSchedule->save();
}
return $collection;
}
private function store()
{
$attributes = $this->getAttributes();
$packagePath = $attributes['package_path'];
$packageUuid = $attributes['package_uuid'];
// create stored procedure call
//
$connection = DB::connection('package_store');
$pdo = $connection->getPdo();
$stmt = $pdo->prepare("CALL store_package_version(\n\t\t\t:packageUuidIn, :packagePathIn, @packagePathOut, @checksum, @returnStatus, @returnMsg);");
// bind params
//
$stmt->bindParam(":packageUuidIn", $packageUuid, PDO::PARAM_STR, 45);
$stmt->bindParam(":packagePathIn", $packagePath, PDO::PARAM_STR, 200);
// set param values
//
$checksum = null;
$returnStatus = null;
$returnMsg = null;
// call stored procedure
//
$results = $stmt->execute();
// fetch return parameters
//
$select = $pdo->query('SELECT @packagePathOut, @checksum, @returnStatus, @returnMsg');
$results = $select->fetchAll();
$packagePathOut = $results[0]["@packagePathOut"];
$checksum = $results[0]["@checksum"];
$returnStatus = $results[0]["@returnStatus"];
$returnMsg = $results[0]["@returnMsg"];
// remove file and directory
//
// unlink(PackageVersion::$incoming.$packagePath);
// rmdir(dirname(PackageVersion::$incoming.$packagePath));
// create new package version if successful
//
if ($returnStatus == "SUCCESS") {
// create new package version
//
$packageVersion = new PackageVersion($attributes);
// set creation attributes
//
$packageVersion->package_version_uuid = GUID::create();
$packageVersion->package_path = $packagePathOut;
$packageVersion->checksum = $checksum;
$packageVersion->save();
return $packageVersion;
} else {
// return values
//
return Response::make($returnMsg, $returnStatus == 'ERROR' ? 500 : 200);
}
}
public function designateProject($userPermissionUid, $projectUid)
{
$up = UserPermission::where('user_permission_uid', '=', $userPermissionUid)->first();
$p = Project::where('project_uid', '=', $projectUid)->first();
$user = User::getIndex(Session::get('user_uid'));
if (!($up && $p && $user)) {
return Response::make('Unable to find permission information.', 404);
}
if (!$user->isAdmin() && $user->user_uid != $p->owner['user_uid']) {
return Response::make('User does not have permission to designate a project.', 401);
}
$upp = new UserPermissionProject(array('user_permission_project_uid' => GUID::create(), 'user_permission_uid' => $userPermissionUid, 'project_uid' => $projectUid));
$upp->save();
return $upp;
}
public function postCreate()
{
$platform = new Platform(array('platform_uuid' => GUID::create(), 'name' => Input::get('name'), 'platform_owner_uuid' => Input::get('platform_owner_uuid'), 'platform_sharing_status' => Input::get('platform_sharing_status')));
$platform->save();
return $platform;
}
public function postCreate()
{
$runRequest = new RunRequest(array('run_request_uuid' => GUID::create(), 'project_uuid' => Input::get('project_uuid'), 'name' => Input::get('name'), 'description' => Input::get('description')));
$runRequest->save();
return $runRequest;
}
public function updateAll()
{
$invitations = Input::all();
$projectInvitations = new Collection();
for ($i = 0; $i < sizeOf($invitations); $i++) {
$invitation = $invitations[$i];
$projectInvitation = new ProjectInvitation(array('project_uid' => $invitation['project_uid'], 'invitation_key' => GUID::create(), 'inviter_uid' => $invitation['inviter_uid'], 'invitee_name' => $invitation['invitee_name'], 'email' => $invitation['email']));
$projectInvitations->push($projectInvitation);
$projectInvitation->save();
}
return $projectInvitations;
}
public function postCreate()
{
$tool = new Tool(array('tool_uuid' => GUID::create(), 'name' => Input::get('name'), 'tool_owner_uuid' => Input::get('tool_owner_uuid'), 'is_build_needed' => Input::get('is_build_needed'), 'tool_sharing_status' => Input::get('tool_sharing_status')));
$tool->save();
return $tool;
}
public function postCreate()
{
$toolVersion = new ToolVersion(array('tool_version_uuid' => GUID::create(), 'tool_uuid' => Input::get('tool_uuid'), 'version_string' => Input::get('version_string'), 'release_date' => Input::get('release_date'), 'retire_date' => Input::get('retire_date'), 'notes' => Input::get('notes'), 'tool_path' => Input::get('tool_path'), 'tool_executable' => Input::get('tool_executable'), 'tool_arguments' => Input::get('tool_arguments'), 'tool_directory' => Input::get('tool_directory')));
$toolVersion->save();
return $toolVersion;
}
public function postCreate()
{
$projectMembership = new ProjectMembership(array('membership_uid' => GUID::create(), 'project_uid' => Input::get('project_uid'), 'user_uid' => Input::get('user_uid'), 'admin_flag' => Input::get('admin_flag') == 'true'));
$projectMembership->save();
return $projectMembership;
}
public function registerGithubUser()
{
if (!Session::has('github_access_token')) {
return Response::make('Unauthorized GitHub access.', 401);
}
$token = Session::get('github_access_token');
$ch = curl_init('https://api.github.com/user');
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Authorization: token {$token}"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET');
curl_setopt($ch, CURLOPT_USERAGENT, 'SWAMP');
$response = curl_exec($ch);
$github_user = json_decode($response, true);
// Append email information
//
$ch = curl_init('https://api.github.com/user/emails');
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Authorization: token {$token}"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET');
curl_setopt($ch, CURLOPT_USERAGENT, 'SWAMP');
$response = curl_exec($ch);
$github_emails = json_decode($response);
$github_user['email'] = '';
$primary_verified = false;
foreach ($github_emails as $email) {
if ($email->primary == '1' && $email->verified == '1') {
$primary_verified = true;
$github_user['email'] = $email->email;
} else {
if ($email->primary == '1') {
$github_user['email'] = $email->email;
}
}
}
$names = array_key_exists('name', $github_user) ? explode(' ', $github_user['name']) : array('', '');
$user = new User(array('first_name' => array_key_exists(0, $names) ? $names[0] : '', 'last_name' => array_key_exists(1, $names) ? $names[1] : '', 'preferred_name' => array_key_exists('name', $github_user) ? $github_user['name'] : '', 'username' => $github_user['login'], 'password' => md5(uniqid()) . strtoupper(md5(uniqid())), 'user_uid' => GUID::create(), 'email' => $github_user['email'], 'address' => array_key_exists('location', $github_user) ? $github_user['location'] : ''));
// Attempt username permutations
//
for ($i = 1; $i < 21; $i++) {
$errors = array();
if ($user->isValid($errors, true)) {
break;
}
if ($i == 20) {
return Response::make('Unable to generate SWAMP GitHub user:<br/><br/>' . implode('<br/>', $errors), 401);
}
$user->username = $github_user['login'] . $i;
}
$user->add();
$linkedAccount = new LinkedAccount(array('user_uid' => $user->user_uid, 'user_external_id' => $github_user['id'], 'linked_account_provider_code' => 'github', 'enabled_flag' => 1));
$linkedAccount->save();
if ($primary_verified) {
// Mark user account email verified flag
$userAccount = $user->getUserAccount();
$userAccount->email_verified_flag = 1;
$userAccount->save();
Mail::send('emails.welcome', array('user' => $user, 'logo' => Config::get('app.cors_url') . '/images/logos/swamp-logo-small.png', 'manual' => Config::get('app.cors_url') . '/documentation/SWAMP-UserManual.pdf'), function ($message) use($user) {
$message->to($user->email, $user->getFullName());
$message->subject('Welcome to the Software Assurance Marketplace');
});
return Response::json(array('primary_verified' => true, 'user' => $user));
} else {
$emailVerification = new EmailVerification(array('user_uid' => $user->user_uid, 'verification_key' => GUID::create(), 'email' => $user->email));
$emailVerification->save();
$emailVerification->send('#register/verify-email');
return Response::json(array('primary_verified' => false, 'user' => $user));
}
}
